Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation
CVE-2021-43548

6.5MEDIUM

Key Information:

Vendor: Philips
Status: Patient Information Center Ix (pic Ix)
Vendor: CVE Published:; 27 December 2021

Summary

Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.

Affected Version(s)

Patient Information Center iX (PIC iX) C.02

Patient Information Center iX (PIC iX) C.03

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 27, 2021
Vulnerability Reserved
Nov 8, 2021

Credit

Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks